Unknown
CVE-2008-2545
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different case.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- skype,
- skype 3.0.0.106,
- skype 3.0.0.123,
- skype 3.0.0.137,
- skype 3.0.0.154,
- skype 3.0.0.190,
- skype 3.0.0.198,
- skype 3.0.0.205,
- skype 3.0.0.209,
- skype 3.0.0.214,
- skype 3.0.0.216,
- skype 3.0.0.217,
- skype 3.0.0.218,
- skype 3.1.0.112,
- skype 3.1.0.134,
- skype 3.1.0.144,
- skype 3.1.0.147,
- skype 3.1.0.150,
- skype 3.1.0.152,
- skype 3.2.0.115,
- skype 3.2.0.145,
- skype 3.2.0.148,
- skype 3.2.0.152,
- skype 3.2.0.158,
- skype 3.2.0.163,
- skype 3.2.0.175,
- skype 3.2.0.53,
- skype 3.2.0.63,
- skype 3.2.0.82,
- skype 3.5.0.107,
- skype 3.5.0.158,
- skype 3.5.0.178,
- skype 3.5.0.202,
- skype 3.5.0.214,
- skype 3.5.0.229,
- skype 3.5.0.234,
- skype 3.5.0.239,
- skype 3.6.0.127,
- skype 3.6.0.159,
- skype 3.6.0.216,
- skype 3.6.0.244,
- skype 3.6.0.248,
- skype 3.8.0.96
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
